Manualshelf

HP-UX IPFilter Version 17 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
81828384858687888990
block ip 28(20) 17 10.1.85.195,16000 > 10.1.80.196,16000
--------------
input: out on lan0 udp 10.1.84.196,16000 10.1.84.195,16000
nomatch ip 28(20) 17 10.1.84.196,16000 > 10.1.84.195,16000
--------------
input: out on lan1 udp 10.1.85.196,16000 10.1.84.195,16000
nomatch ip 28(20) 17 10.1.85.196,16000 > 10.1.84.195,16000
--------------
input: out on lan0 udp 10.1.80.196,16000 10.1.84.195,16000
nomatch ip 28(20) 17 10.1.80.196,16000 > 10.1.84.195,16000
--------------
input: out on lan0 udp 10.1.84.196,16000 10.1.85.195,16000
nomatch ip 28(20) 17 10.1.84.196,16000 > 10.1.85.195,16000
--------------
input: out on lan1 udp 10.1.85.196,16000 10.1.85.195,16000
nomatch ip 28(20) 17 10.1.85.196,16000 > 10.1.85.195,16000
--------------
input: out on lan0 udp 10.1.80.196,16000 10.1.85.195,16000
nomatch ip 28(20) 17 10.1.80.196,16000 > 10.1.85.195,16000
--------------
input: in on lan0 udp 10.1.81.195,16000 10.1.84.196,16000
block ip 28(20) 17 10.1.81.195,16000 > 10.1.84.196,16000
--------------
input: in on lan1 udp 10.1.81.195,16000 10.1.85.196,16000
block ip 28(20) 17 10.1.81.195,16000 > 10.1.85.196,16000
--------------
input: out on lan0 udp 10.1.84.196,16000 10.1.81.195,16000
nomatch ip 28(20) 17 10.1.84.196,16000 > 10.1.81.195,16000
--------------
input: out on lan1 udp 10.1.85.196,16000 10.1.81.195,16000
nomatch ip 28(20) 17 10.1.85.196,16000 > 10.1.81.195,16000
--------------
input: out on lan0 icmp 10.1.84.196 10.1.84.195
nomatch ip 48(20) 1 10.1.84.196 > 10.1.84.195
--------------
input: in on lan0 icmp 10.1.84.195 10.1.84.196
pass ip 48(20) 1 10.1.84.195 > 10.1.84.196
--------------
input: out on lan0 udp 10.1.80.196,16001 10.1.84.195,16000
nomatch ip 28(20) 17 10.1.80.196,16001 > 10.1.84.195,16000
--------------
input: out on lan0 udp 10.1.80.196,16001 10.1.85.195,16000
nomatch ip 28(20) 17 10.1.80.196,16001 > 10.1.85.195,16000
--------------
input: in on lan0 udp 10.1.84.195,16000 10.1.80.196,16001
pass ip 28(20) 17 10.1.84.195,16000 > 10.1.80.196,16001
--------------
input: in on lan0 udp 10.1.85.195,16000 10.1.80.196,16001
block ip 28(20) 17 10.1.85.195,16000 > 10.1.80.196,16001
--------------
Each result is one of the following: pass, block, or nomatch. For HP-UX IPFilter, the default
is pass. From the results you can verify that the filter should operate as expected.
More complex rulesets and sample traffic can be tested to reflect a production environment.
9.2 Testing Rules with ipftest 87